0005496: msfpc - Fix usage example - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0005496	Kali Linux	Kali Package Improvement	public	2019-06-02 20:21	2020-02-10 17:39

Reporter	g0tmi1k	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	open

Summary	0005496: msfpc - Fix usage example
Description	g0tmi1k@kali-dev:~$ msfpc [*] MSFvenom Payload Creator (MSFPC v1.4.5) [i] Missing TYPE or BATCH/LOOP mode /usr/bin/msfpc <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>) (<BATCH/LOOP>) (<VERBOSE>) Example: /usr/bin/msfpc windows 192.168.1.10 # Windows & manual IP. /usr/bin/msfpc elf bind eth0 4444 # Linux, eth0's IP & manual port. /usr/bin/msfpc stageless cmd py https # Python, stageless command prompt. /usr/bin/msfpc verbose loop eth1 # A payload for every type, using eth1's IP. /usr/bin/msfpc msf batch wan # All possible Meterpreter payloads, using WAN IP. /usr/bin/msfpc help verbose # Help screen, with even more information. <TYPE>: + APK + ASP + ASPX + Bash [.sh] + Java [.jsp] + Linux [.elf] + OSX [.macho] + Perl [.pl] + PHP + Powershell [.ps1] + Python [.py] + Tomcat [.war] + Windows [.exe // .exe // .dll] Rather than putting <DOMAIN/IP>, you can do a interface and MSFPC will detect that IP address. Missing <DOMAIN/IP> will default to the IP menu. Missing <PORT> will default to 443. <CMD> is a standard/native command prompt/terminal to interactive with. <MSF> is a custom cross platform shell, gaining the full power of Metasploit. Missing <CMD/MSF> will default to <MSF> where possible. <BIND> opens a port on the target side, and the attacker connects to them. Commonly blocked with ingress firewalls rules on the target. <REVERSE> makes the target connect back to the attacker. The attacker needs an open port. Blocked with engress firewalls rules on the target. Missing <BIND/REVERSE> will default to <REVERSE>. <STAGED> splits the payload into parts, making it smaller but dependent on Metasploit. <STAGELESS> is the complete standalone payload. More 'stable' than <STAGED>. Missing <STAGED/STAGELESS> will default to <STAGED> where possible. <TCP> is the standard method to connecting back. This is the most compatible with TYPES as its RAW. Can be easily detected on IDSs. <HTTP> makes the communication appear to be HTTP traffic (unencrypted). Helpful for packet inspection, which limit port access on protocol - e.g. TCP 80. <HTTPS> makes the communication appear to be (encrypted) HTTP traffic using as SSL. Helpful for packet inspection, which limit port access on protocol - e.g. TCP 443. <FIND_PORT> will attempt every port on the target machine, to find a way out. Useful with stick ingress/engress firewall rules. Will switch to 'allports' based on <TYPE>. Missing <TCP/HTTP/HTTPS/FIND_PORT> will default to <TCP>. <BATCH> will generate as many combinations as possible: <TYPE>, <CMD + MSF>, <BIND + REVERSE>, <STAGED + STAGELESS> & <TCP + HTTP + HTTPS + FIND_PORT> <LOOP> will just create one of each <TYPE>. <VERBOSE> will display more information. g0tmi1k@kali-dev:~$ Can we drop `/usr/bin/`?

g0tmi1k 2020-02-10 17:39 administrator ~0012151	Due to the age of the OS (Kali Moto [v1], Kali Safi [v2], Kali Rolling <= 2019.2), these legacy versions are no longer supported. We will be closing this ticket due to inactivity. Please could you see if you are able to replicate this issue with the latest version of Kali Linux - https://www.kali.org/downloads/? If you are still facing the same problem, feel free to re-open the ticket. If you choose to do this, could you provide more information to the issue you are facing, and also give information about your setup? For more information, please read: https://kali.training/topic/filing-a-good-bug-report/

Date Modified	Username	Field	Change
2019-06-02 20:21	g0tmi1k	New Issue
2020-02-10 17:39	g0tmi1k	Note Added: 0012151
2020-02-10 17:39	g0tmi1k	Status	new => closed